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TN THE CLAIMS 

Please csincd claims X 16, 17, 32, 33. 47, 48, 55, 78. 79, 88 and aiBcnd claims 1, 4, 5, 
18, 19, 35, 54, 56, 61, 71, 77, and 86 as follows: 

1 . (CURRENTLY AMENDED) A compacu personal token, comprising: 
a USB-compliant interface releascably coupleable to a host processing device; 
a memory; 

a processor, commimicaTively coupled to the memory and commumcattvely 
coupleable to tlie host processing device via the USB-compliant interface, the processor fox 
providing the host processing device condidonal access no ny;er private data storable in tlie 
memory; and 

a user input device, cotnmunicadvely coupled to the processor by a path distinct 
from die USB-compliant interface, for accepdng an input for process ing by the processor to 
[[signaling]] signal authorization of a processor operation providing access to the user private 
data, die input in response to a message received in the token from the host processing 
device via die USB-compliant interface invoking the processor operation , 

2. (ORIGINAL) The apparams of claim 1, wherein the path is entirely internal 
CO the token, 

3. (CANCELED) 

4. (CURRENTLY AMENDED) The apparams of claim [[3]] 1, wherein die 
user private data is designated as requiring aadiori2ation before access by an associated 
identification stored in the memory. 

5. (CURRENTLY AMENDED) The apparatus of claim 1, wherein the user 
input device comprises at least one pressure-sensitive device actuatable from an exierior 
surface of die token. 

6. (ORIGINAL) The apparatus of claim 5, wherein the input device comprises 
at least one posh-bucton switch. 
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7. (ORIGINAL) The apparatus ofclaiinl,furrlicr comprising: 

an output device, cotnmurdcativcly coupled to die processor by a second path 
distinct ftom the USB -compliant intetface, for prompting a user to provide an authorization 
of a processor operarion. 

8. (ORIGINAL) The apparatus of claim 7, wherein the path and die second 
padi are a common path. 

9. (ORIGINAL) The apparams of claim 1, wherein the output device prompts 
the user to provide an authorization of the processor operation when processor operarion 
requires access to the private data stored in the memory. 

10. (ORIGINAL) The apparatus of claim 7, wherein the output device 
comprises at least one light-emitting device. 

11. (ORIGINAL) The apparatus of claim 7, wherein the output device 
comprises at least one aural reproduction device. 

12. (ORIGINAL) The apparatus of claim 7^ wherein the output device 
comprises at leaSt one liquid crystal display (LCD). 

13. (ORIGINAL) The appaxatus of claim 7, whetein the output device provides 
an alphanimicric message indicating that xiser input is requited. 

14. (ORIGINAL) The apparatus of claim 13, wherein the alphanumeric 
message identifies the processing operation, 

15. (ORIGINAL) The apparatus of claun 13, wherein the alphanximeric 
message identifies a private key. 

16. (CANCELED) 
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17. (CANCELED) 

1 8. (CURRENTLY AMENDED) A method of authorizing access to piivatc 
data stoted in a token having a processor comravmicatively ([coupleable]] coupj^^ to a host 
processor via a Universal Serial Bus (USB) interface, comprising the steps of: 

accepting a command in the token invoking a processor operation via the IJ?>B 
interface : 

accepting a u$cr input signaling authorization of the processor operation via an input 
device; [[and]) 

providing the user input to the processor via a commiinication path distinct from the 
USB-compliant interface[[.]] :,and 

processing the user input in the processor to authori2e the invoked processor 
opevarion, 

1 9. (CURRENTLY AMENDED) The method of claim 1 8, further comprising 
die step of: 

determining if tiie processor operation requires access to the private data stored in 
the token; and 

prompting [die] a user to authorize the processor operation via an output device 
communicatively coupled to the processor if the processor operation reqioires access to 
private data stored io a memory in the tokcn[Q]]i 

20. (ORIGINAL) The method of claim 19, wherein the output device is 
communicatively coupled to the processor by a second communication patli distinct from 
the USB-compliant interface. 

21 . (ORIGINAL) The method of claim 20, wherein the first path and the 
second path are common. 
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22. (ORIGINAL) Tkc method of claim 20, wherein the step of determining if 
the processor requires access to a pdvate key stored in the token comprises the steps of: 

detcttntoing which data stored in the memory is affected by the processor operation; 

and 

determining whether the data affected by the processor operation is associated widi 
an idendficanon designating the data as a private key. 

23. (ORIGINAL) The method of claim 20, wherein the padi is entirely internal 
to the token. 

24. (ORIGINAL) The mediod of claim 20, wherein die input device is a 
pressure-sensitive device acmatablc from an exrerior siarface of the token. 

25. (ORIGINAL) The method of claim 24, wherein the input device is a push- 
button switch acmatable &om an exterior surface of the token. 

26. (ORIGINAL) The mediod of claim 20, wherein the output device 
comprises at least one light eiwtting device. 

27. (ORIGINAL) The method of claim 20, wherein die output device 
comprises at least one aural reproduction device. 

28. (ORIGINAL) The mcdiod of claim 20 wherein die output device comprises 
at least one liquid crystal display. 

29. (ORIGINAL) The method of claim 20, wherein the step of prompting the 
user to authorize the processor opetadon via an output device comprises the step of: 

providing an alphanumeric message indicating that user input is required. 

30. (ORIGINAL) The method of claim 29, wherein the alphanumeric message 
identifies the processing operation. 
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31 . (ORIGINAL) The method of ckim 29, wherein th e alphanumeric message 
identifies the private data. 

32. (CANCEI£D) 

33. (CANCELED) 

34. (ORIGINAL) The method of ckim 20, wherein the command is an 
authorisation request including a challenge value and the processor operation is a hash 
function using the challenge value and the private data* 

35. (CURRENTLY AMENDED) A program storage device, readable by a 
computer, tangibly embodying at least one program of instructions executable by die 
computer to perform method steps of audiorizing access to private data stored in a token 
having a processor communicadvely [[coupleable]] coupled to a host processor via a 
Universal Serial Bus (USB) interface, the method steps comprising the seeps of: 

accepting a cotnmand in the token invoking a processor operation via the USB- 
compliant interface : 

rlr-t^rminin g^ ui the token, if the processor operation requires access to the private 
data stored in the tolcen; 

prompting the user to authorize the processor opeiadon via an output device 
communicarively coupled to the processor by a path distinct from the USB-compliant 
interface if the processor operation requires access to a private data stored in a memory in 
the token; 

accepting a user input signaling authorization of die processor operation via an input 
device; and 

providiag the user input to the processor via a communication path distinct from the 
USB-compliant interface. 



36. (ORIGINAL) The program storage device of claim 35, wherein the first 
path and the second path are common. 
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37. (ORIGINAL) The program storage device of claim 35, wherein die method 
siep of determining if the processor requires access to a private key stored in the token 
comprises the steps of: 

determining which data stored in the memory is affected by die processor operation; 

and 

determining whether the data affected by the processor operation is associated with 
an identification designating the data as the private key. 

38. (ORIGINAL) The program storage device of claim 35, wherein the path is 
entirely internal to the token. 

39. (ORIGINAL) The program storage device of claim 35, wherein the input 
device is a pressure-sensitive device acroatable £com excerior surface of the token. 

40. (ORIGINAL) The program storage device of claim 39, wherein the input 
device is a push-button switch actuatable from an exterior surface of the token. 

41. (ORIGINAL) The program storage device of daiui 35, wherera the output 
device comprises at least one light emitting device, 

42. (ORIGINAL) The program storage device of claim 35, wherein the output 
device comprises at least one aural reproduction device. 

43. (ORIGINAL) The program storage device of claim 35, wherein the output 
device comprises at least one liquid crystal display. 

44. (ORIGINAL) The program storage device of claim 35, wherein the method 
step of prompting the user to authorize the processor operation via an output device 
comprises the method step of: 

providing an alphanumeric message indicating that user input is required. 
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45. (ORIGINAL) The program storage device of didm 44, wherein the 
alphanumeric message identifies the processing operation. 

46. (ORIGINAL) The program storage device of claim 44, wherein the 
alphanumeric message identifies the private data. 

47. (CANCFTFD) 

48. (CANCELED) 

49. (ORIGINAL) A compact personal token, comprising: 
a USB-compIiant interface releaseably coupleable to a host processing device; 
a memory; 

a processor^ coupled to the memory and communicatively coupleable to the host 
processing device via the USB-compliant interface, the processor for providing the host 
processing device conditional access to store and retrieve data storable in the memory, the 
data including a personal identification private to the user; and 

a user input device, cornmunicatively coupled to the processor by a path distinct 
feom die USB-compliant interface, for accepting a user input describing the personal 
identification. 

50. (ORIGINAL) The apparams of daim 49, wherein the user input device 
comprises a character input device, 

51 . (ORIGINAL) The apparatus of daim 50, wherein the character input device 
comprises a whed having an input position for each character in an input character set. 

52. (ORIGINAL) The apparams of daim 51, wherein each character is selected 
by depression of the wheel. 
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53. (ORIGINAL) The apparatus of claim 48, wherein the user input device 
comprises a first pressure sensitive device actuatable fcom an exterior side of the token, and 
a second pressure sensitive device actuacablc from the exterior side of the token, whcteia 
actuation of the first pressure sensitive device selects a character &om a character set, and 
actuation of the second pressure sensitive device enters die character as at least a portion of 
the personal identification. 



0 



54. (CURRENTLY AMENDED) A method of authentication losing a token 
having a processor communicatively [[coupleable]] coupled to a host processor via a 
Universal Serial Bus (USB) compliant interface, comprising the steps of: 

accepting a cni-nmand in die token involting a processor operation via the USB- 
compliant interface: 

determining if rhe processor operation requites access to the personal identification 
stotable in a meiTiory of the token; and 

derermininfr if the personal identification is stored in die me mory of die token; 
pfompting the user to enter a personal identification if the processor operatiojl 
rRfjinrfv's ^r ccss to the persofial identification and the personal identification is noc scored in 
the memory of the token: 

accepting a user input comprising a personal identification via an input device; and 
providing the user input to die process or via a communication path distinct fi:om the 
USB-compliant interface. 

55. (CANCELED) 

56. (CURRENTLY AMENDED) Tlie mediod of claim 54, wherein the step of 
prompting the user to enter die personal identification number comprises die step of 
activating a user output device via a second communication path distincc from die USB- 
compliant interface. 

57. (ORIGINAL) The mediod of claim 54, wherein the input device comprises 
a character input device. 
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58. (ORIGINAL) The method of claim 57, wherein the character input device 
comprises a wheel having an inpui position foi; each character in an input character set. 



59. (ORIGINAJ.) The method of 
by depression of the wheel. 



claim 58, wherein each character is selected 



60. 



(ORIGINAL) The method of daim 54, wherein tiie user input device 



comprises a first pressure sensidve device actuatable from an exterior side of the token, and 
a second pressure sensitive device actuatable from an exterior side of the token, wherein 
acmation of the first pressure sensitive device selects a character ftom a character set, and 
acttiarion of the second pressure sensidve device enters the character as at least a pordon of 
the personal idenrificadon. 



61 . (CURRENTLY AMENDED) 



A compact personal token, compriiiing; 



a USB-compliant interface releaseabljr coupleable to a host processing device; 
a memory; 



a processor, communicatively coupled 



to the memory and communicarively 



coupleable to the host processing device via the USB-compliant interface, the processor for 
providing the host processing device condiuonal access to user private data storable in the 
memory; and 

a user input device, communicarivdy coupled to the processor by a padi distinct from the 
USB-compliant interface j die user input device for signaling fiuthori7adon of a processor 
operadon invoked bv a message received in the token via the USB-comp liant interface. 



62. (ORIGINAL) Theapparatusof claim 61, wherein the user input device is 
configured to control an operation of the processor. 



63. (ORIGINAL) The apparatus 
an operation selected from the group comprising: 
an encryption operation; and 
a decryption operation. 
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:)f claim 61, wherein the operation comprises 
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64. (ORIGINAL) The apparacus of claim 61, wherein the operation comprises a 
digital signature operarion using a private key scored in the memory. 



65. (ORIGINAL) The apparatus of claim 61, wherein die input device 
comprises at least one pressiire-sensiuve device actuatable from an exterior surface of the 
token, 

66. (ORIGINAL) The apparams of claim 61, wherein the input device 
comprises at least one push-button switch- 

67. (ORIGINAL) The apparatus of claim 61, furdaer comprising an output 
device, communicatively coupled to the processor by path distinct &om die USB-compliant 



interface, for providing information regarding 



die operation of the processor. 



68. (ORIGINAL) The apparams of claim 67, wherein the output device 
comprises at least one light emitting device. 

69. (ORIGINAL) The apparatus of claim 67, wherein die output device 
cotnprises at least one liqmd crystal display, 

70. (ORIGINAL) The apparatus of daim 67, wherein die output device 
comprises at lease one aural output device. 



7 1 . (CURRENTLY AMENDED) 



A method of authorizing access to private 



data stored in a token having a processor commimicatively [[coupleable]] coupled to a host 
processor via a Universal Serial Bus (USB) interface, comprising the steps of: 

accepting a command in the token invoking a processor operation via the USB- 
compliant interface: 

accepting a user input to control the processor operation via an input device; and 
providing the user input to the processor via a communication path distinct from the 
USB-compliant interface. 
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72. (ORIGINAL) Themethodof claim 71, whet dn the operadoacompii^^ 
operation selected ftom rhe group comprising: 

an encryption operation; 
a decryption operation; and 
a digital &ignatuie operation using a privare key. 

73. (ORIGINAL) The method of claim 71, wherein the user input device 
comprises at least one pressure sensitive device acmatable &om an exterior surface of the 
token. 



74. (ORIGINAL) The method of claim 71 , further comprising die step of: 
prompting the user to control the processor operation via an output device 
coromunicatively coupled to the processor by a second path distinct from the USB- 
compliant interface. 



75. (ORIGINAL) The method of claim 74, wherein the path and the second 
patii arc common. 



76. (ORIGINAL) The method of 
selected from the group comprising: 
a light eiuitting device; 
an Kquid crystal display; and 
an aural reproduction device. 



claim 74, wherein the output device is 
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77, (CURRENTLY AMENDED) 



A compact pctsomJ tokcin, comprising: 



a USB-complLint interface relcaseably coupleable to a host processitag device; 
a memory; 

a processor, communicatively coupled to the memory and communicatively 
coupleable to the host processing device via ±e USB-compUant inter&ce, the processor for 
providing the host processing device conditional access to data storable in the memory; and 



a user output device, communicatively 



coupled to the USB-compliant interfacCjJot 



providing an indication of a data signal from the USB-compliant interface . 



78. (CANCELED) 



79. (CANCEI-ED) 



80. (ORIGINAL) A compact personal token, comprising: 
a USB-compliant interface releaseably Loupleable to a host processing device; 
a memory; 



a processor, communicatively coupled 



coupleable to the host processhig device via the USB-compliant interface^ the processor for 
providing the host processing device condirional access to data storable in the memory; and 



to die memory and communicadvely 



a user output device^ communicatively 



coupled to the processor. 



81. (ORIGINAL) The apparatus of claim 80, wherein die user output device is 
coupled to the processor by a path distinct from the USB-compliant interface. 



82. (ORIGINAL) The apparams of claim 80, wherein the user output device is 
configured to indicate the operation of the processor. 



83. (ORIGINAL) The apparams of claim 80, wherein the operation comprises 
an operation selected from die group comprising: 
an encryption operation; 



a decryption operation; and 
a digital signature operation using a private key. 
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84. (ORIGINAL) The apparatus of claim 80, wHcicin the user output device is 
selected frotn a group comprising 

at least one light emitting device; 
at least one Uquid crystal display, 
at kast one aural device. 

85, (ORIGINAL) The apparatus of claim 80, fiirdier comprising an input 
device, communicaiively coupled to the processor by path disdnct from the USB-compliant 
interface, for providing information for the opLradon of the processor. 



86. (CURRENTLY AMENDED) 



A mediod of authorizing access to private 



data stored in a token having a processor communicarively [[coupleable]] coupled to a host 
processor via a Universal Serial Bus (USB) interface, comprising the seeps of: 

accepting a cotmnand in die token invoking a processor operation via die USB- 
compliant interface : and 

signaling the processor operation via a user output device communicadvely coupled 
to the processor via a communicarion path disdnct from the USB-compliant interface^ . 



87. (ORIGINAL) Tlie method of claim 86, wherein the operation comprises an 
operation ^selected from the group comprising: 
an encryption operation; 
a decryption operation; and 
a digital signature operation using a private key. 



88. (CANCELED) 

89, (ORIGINAL) The method of claim 86, wherein the user output device is 
selected from the group comprising: 

at least one light emitting device; 
at least one liquid crystal display; and 

an aural device. 
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